Does Composite Products – Conditional Images have any unpatched vulnerabilities?

No. All known vulnerabilities in Composite Products – Conditional Images have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Composite Products – Conditional Images compatible with WordPress 6.6.5?

According to WordPress.org data, Composite Products – Conditional Images 2.0.2 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Composite Products – Conditional Images compatible with PHP 7.4+?

Composite Products – Conditional Images requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Composite Products – Conditional Images updated?

Composite Products – Conditional Images was last updated on Sep 1, 2025. Frequent updates are generally a positive security signal.

What is Composite Products – Conditional Images's security score?

Composite Products – Conditional Images has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Composite Products – Conditional Images Security & Risk Analysis

wordpress.org/plugins/composite-products-conditional-images-for-woocommerce

Free mini-extension for WooCommerce Composite Products that allows you to create dynamic, multi-layer Composite Product images that respond to option …

200 active installs v2.0.2 PHP 7.4+ WP 6.2+ Updated Sep 1, 2025

compositeconditionalimagelayerswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Composite Products – Conditional Images Safe to Use in 2026?

Generally Safe

Score 100/100

Composite Products – Conditional Images has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago

Risk Assessment

The plugin exhibits a strong security posture regarding its attack surface and vulnerability history. The absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the potential entry points for attackers. Furthermore, the plugin boasts a clean vulnerability history with no known CVEs, indicating a history of secure development and maintenance. The code analysis reveals good practices in SQL query handling, with 100% of queries using prepared statements. However, a significant concern is the low percentage of properly escaped output (30%). This could leave the plugin vulnerable to Cross-Site Scripting (XSS) attacks if user-supplied data is not adequately sanitized before being displayed. While the taint analysis and absence of dangerous functions are positive indicators, the unescaped output represents a tangible risk that needs to be addressed.

Key Concerns

Low percentage of properly escaped output

Vulnerabilities

None known

Composite Products – Conditional Images Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Composite Products – Conditional Images Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

30% escaped27 total outputs

Attack Surface

Composite Products – Conditional Images Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

actionplugins_loadedcomposite-products-conditional-images-for-woocommerce.php:80

actionadmin_noticescomposite-products-conditional-images-for-woocommerce.php:89

actionbefore_woocommerce_initcomposite-products-conditional-images-for-woocommerce.php:94

actioninitcomposite-products-conditional-images-for-woocommerce.php:97

filterwoocommerce_composite_script_dependenciescomposite-products-conditional-images-for-woocommerce.php:100

actionwoocommerce_composite_add_to_cartcomposite-products-conditional-images-for-woocommerce.php:103

actionadmin_enqueue_scriptscomposite-products-conditional-images-for-woocommerce.php:106

actionwoocommerce_composite_scenario_admin_actions_htmlcomposite-products-conditional-images-for-woocommerce.php:109

filterwoocommerce_composite_process_scenario_datacomposite-products-conditional-images-for-woocommerce.php:112

filterwoocommerce_composite_current_scenario_datacomposite-products-conditional-images-for-woocommerce.php:115

filterwoocommerce_rest_api_extended_composite_scenarios_field_argscomposite-products-conditional-images-for-woocommerce.php:118

Maintenance & Trust

Composite Products – Conditional Images Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedSep 1, 2025

PHP min version7.4

Downloads10K

Community Trust

Rating100/100

Number of ratings2

Active installs200

Alternatives

Composite Products – Conditional Images Alternatives

Ivory Search – WordPress Search Plugin

add-search-to-menu

Advanced WordPress custom search plugin. Provides Search Form Customizer, WooCommerce Search, AJAX Search & Live Search support!

100K 11 CVEs

Weight Based Shipping Table Rate for WooCommerce – Flexible Shipping

flexible-shipping

Weight based shipping methods for WooCommerce. Flexible shipping with table rate rules by cart weight and order value. Accurate rates at checkout.

100K 2 CVEs

Featured Image from URL (FIFU)

featured-image-from-url

Use remote media as the featured image and beyond.

70K 13 CVEs

Dynamic Visibility for Elementor

dynamic-visibility-for-elementor

100

Show or hide Elementor widgets, containers, columns, and pages based on user role, date, device, and many other powerful conditions.

50K 1 CVE

Accordions

accordions

Create sleek accordions, tabs, FAQs, and image accordions with a React builder featuring advanced styling, animations, OpenAI support, and customizati …

20K 8 CVEs

Developer Profile

Composite Products – Conditional Images Developer Profile

WooCommerce

36 plugins · 4.7M total installs

trust score

Avg Security Score

96/100

Avg Patch Time

234 days

View full developer profile

Detection Fingerprints

How We Detect Composite Products – Conditional Images

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/composite-products-conditional-images-for-woocommerce/assets/js/single-product.js/wp-content/plugins/composite-products-conditional-images-for-woocommerce/assets/js/single-product.min.js/wp-content/plugins/composite-products-conditional-images-for-woocommerce/assets/js/meta-boxes-product.js/wp-content/plugins/composite-products-conditional-images-for-woocommerce/assets/js/meta-boxes-product.min.js/wp-content/plugins/composite-products-conditional-images-for-woocommerce/assets/css/meta-boxes-product.css

Script Paths

Version Parameters

composite-products-conditional-images-for-woocommerce/assets/js/single-product.js?ver=composite-products-conditional-images-for-woocommerce/assets/js/meta-boxes-product.js?ver=composite-products-conditional-images-for-woocommerce/assets/css/meta-boxes-product.css?ver=

HTML / DOM Fingerprints

CSS Classes

wc-cp-ci-product-image

Data Attributes

data-component-iddata-option-iddata-composite-id

JS Globals

wc_cp_ci_admin_params

REST Endpoints

/wp-json/wc-cp-ci/v1/composite-products

FAQ